On Fri, 2007-11-16 at 15:22 +0000, Chris Thompson wrote:
> On Nov 16 2007, Niall O'Reilly wrote:
>
> >On 16 Nov 2007, at 11:40, Byung-Hee HWANG wrote:
> >
> >> last Monday, my domain master gave me the authority to control
> >> [izb.knu.ac.kr] with dns operating. since then, [izb.knu.ac.kr] has
> >> been
> >> controling by [chrys.izb.knu.ac.kr]. but someday i found out some
> >> strange log in [chrys.izb.knu.ac.kr]'s /var/log/messages:
> >>
> >> Nov 16 14:51:31 chrys named[32597]: client 155.230.10.2#36819:
> >> received
> >> notify for zone 'knu.ac.kr': not authoritative
> >>
> >> can you please explain the above log for what? and what can i do for
> >> solving the matter?

> >
> > Some system is sending your server a NOTIFY for the 'knu.ac.kr'.
> > Dig is your friend ...
> >
> >sixte(niall)1: dig +short chrys.izb.knu.ac.kr
> >155.230.165.20
> >
> > Your server seems to have the address 155.230.165.20.
> >
> >sixte(niall)2: dig +short -x 155.230.10.2
> >ns.knu.ac.kr.
> >
> > The NOTIFY is coming from a system which seems to be called
> > 'ns.knu.ac.kr'.
> >
> >sixte(niall)3: dig +norec @155.230.165.20 knu.ac.kr
> >
> >; <<>> DiG 9.3.4 <<>> +norec @155.230.165.20 knu.ac.kr
> >; (1 server found)
> >;; global options: printcmd
> >;; Got answer:
> >;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53675
> >;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 13
> >
> > The server at 155.230.165.20 is not authoritative for 'knu.ac.kr',
> > so it can't do anything about the NOTIFY. The NOTIFY not useful.
> >
> > It would be reasonable to ask the people who look after 'ns.knu.ac.kr'
> > to avoid sending you NOTIFY for their zone.

>
> The reason it is sending you a NOTIFY is (alomost certainly) because
> it believes you are an official slave server for the zone:
>
> $ dig ns knu.ac.kr @155.230.10.2
>
> ; <<>> DiG 9.3.3 <<>> ns knu.ac.kr @155.230.10.2
> ; (1 server found)
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1623
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 6
>
> ;; QUESTION SECTION:
> ;knu.ac.kr. IN NS
>
> ;; ANSWER SECTION:
> knu.ac.kr. 1000 IN NS ns.ce.knu.ac.kr.
> knu.ac.kr. 1000 IN NS ns.metal.knu.ac.kr.
> knu.ac.kr. 1000 IN NS chrys.izb.knu.ac.kr.
> knu.ac.kr. 1000 IN NS pinus.izb.knu.ac.kr.
> knu.ac.kr. 1000 IN NS ns.knu.ac.kr.
> knu.ac.kr. 1000 IN NS ns2.knu.ac.kr.
>
> ;; ADDITIONAL SECTION:
> ns.ce.knu.ac.kr. 1000 IN A 155.230.29.7
> ns.metal.knu.ac.kr. 1000 IN A 155.230.173.55
> chrys.izb.knu.ac.kr. 1000 IN A 155.230.165.20
> pinus.izb.knu.ac.kr. 1000 IN A 155.230.157.93
> ns.knu.ac.kr. 1000 IN A 155.230.10.2
> ns2.knu.ac.kr. 1000 IN A 155.230.128.2
>
> ;; Query time: 300 msec
> ;; SERVER: 155.230.10.2#53(155.230.10.2)
> ;; WHEN: Fri Nov 16 15:11:46 2007
> ;; MSG SIZE rcvd: 245
>
> That in-zone set of NS records is much larger than the set in the
> delegation for knu.ac.kr (which has only ns.knu.ac.kr and ns2.knu.ac.kr).
>
> Ask them what they are up to.


now i can understand all the problems correctly.
thanks, Chris!
thnaks, Niall!

respect,
bh

--
"I would work for you like your sons."
-- Tom Hagen, "Chapter 1", page 52